
Network control node detection method and system

A network control node detection method, applied in the field of transmission systems, electrical components, etc. It addresses the problem that botnet control nodes cannot be fully acquired because complete capture of samples of the same family cannot be ensured.

Inactive Publication Date: 2017-04-26
BEIJING ANTIY NETWORK SAFETY TECH CO LTD

AI Technical Summary

Problems solved by technology

Extracting samples from botnet control nodes is a relatively fast approach, but it has certain defects: because VirusTotal cannot ensure that the latest samples of the same family are completely captured, the latest botnet control nodes cannot be fully obtained.



Embodiment Construction

[0019] The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings. Details and functions unnecessary to the present invention are omitted from the description to avoid obscuring it. Although exemplary embodiments are shown in the drawings, it should be understood that the invention may be embodied in various forms and is not limited to the embodiments set forth herein. Rather, these embodiments are provided so that the present disclosure can be more thoroughly understood and the scope of the present invention can be fully conveyed to those skilled in the art.

[0020] In the present invention, botnet families and versions are automatically and quickly classified according to information such as the server-side sample size of known botnet families and their extended versions and the commonly used ports of the botnet virus family control nodes, and the static con...


Abstract

The invention discloses a network control node detection method and system. The method includes: classifying botnet families and versions based on samples of the botnet families and their extended versions, and obtaining network control nodes and their common port information through a static configuration decryption method; automatically obtaining the corresponding IP, IP network segment and port information based on each network control node; and detecting new network control nodes by automatically enumerating, in batches, communication with each IP, port and common port, and matching communication protocol features one by one. The method and system solve the problem in the prior art of failing to obtain more unknown botnet control nodes of the same family.

Description

Technical field

[0001] The invention relates to the technical field of computer security, and in particular to a method and system for detecting a network control node.

Background

[0002] To realize an automated botnet monitoring process, three steps need to be implemented: family identification and reverse analysis of the family's communication protocols; automated monitoring and protocol analysis scripts; and batch input of botnet control nodes for batch automated monitoring. After the first two steps are realized, more active botnet control nodes need to be input to achieve intensive monitoring of single-family botnets and generate more monitoring data.

[0003] However, to acquire botnet control nodes, detected samples can be obtained through VirusTotal for sample extraction. Extracting samples from botnet control nodes is a relatively fast method, but it has certain defects, because VirusTotal cannot ensure that it can completely capture the latest s...


Application Information

IPC(8): H04L29/06, H04L29/12
CPC: H04L63/0236, H04L63/1466, H04L2463/144, H04L61/4511
Inventor: 康学斌, 黄云宇, 肖新光
Owner: BEIJING ANTIY NETWORK SAFETY TECH CO LTD